Authentication method and system

ABSTRACT

The invention provides a computer-implemented authentication method comprising the step of enabling a user to input an identifier (e.g. a PIN) into an electronic device having a screen and a keypad operable within a keypad zone of the screen; by operating at least one key of the keypad via an image of at least part of a scrambled keypad which is displayed at least partially within the keypad zone. The user&#39;s operation of the keypad key via the image generates an encoded version of the user&#39;s intended input. In one sense the invention can be perceived as superimposing a non-functional image of a scrambled keyboard over an underlying, functional keypad. The image may be any type of electronic image, and may include a video image. The invention is particularly suited for use with, but not limited to, mobile phones, tablet computer, PCs etc. It can be implemented in any system wherein a user&#39;s identity must be verified before access is granted to a controlled resource.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation of U.S. Non-Provisional patentapplication Ser. No. 16/776,195, filed on Jan. 29, 2020, which is acontinuation of U.S. Non-Provisional patent application Ser. No.15/197,086, filed on Jun. 29, 2016, now U.S. Pat. No. 10,565,359, whichis a continuation of U.S. Non-Provisional patent application Ser. No.15/094,383, filed on Apr. 8, 2016, now U.S. Pat. No. 10,366,215, whichis a continuation of U.S. Non-Provisional patent application Ser. No.14/416,054, filed on Jan. 20, 2015, now U.S. Pat. No. 9,552,465, whichis a national stage of International Patent Application No.PCT/GB2013/051913, filed on Jul. 17, 2013, and which claims priority toUK Patent Applications No. GB1306053.8, filed on Apr. 4, 2013, and No.GB1212878.1, filed on Jul. 20, 2012, all of which are hereinincorporated by reference in their entireties.

BACKGROUND 1. Field

This invention relates generally to the field of user authentication,and more particularly to the field of PIN-based verification. Theinvention is suited for use in situations where a user is required toenter a code, such as a Personal Identification Number (PIN), which isvalidated prior to completing an operation. The operation might be anytype of operation.

2. State of the Art

Authentication is a technique used in a variety of situations where anindividual's identity and/or authorisation needs to be verified prior tobeing allowed to perform an act or gain access to some controlled ormanaged resource such as a device, building, a computer system, afinancial account, a service etc.

One common approach to authentication is to record some pre-selectedidentifier (such as a code or combination of symbols) which is thenmaintained in secrecy in a secure location and available only toauthorised parties. The identifier is stored in association with aparticular user or group of users, and may sometimes be stored and/orused in conjunction with another pre-determined identifier such as ausername, for example. The identifier is often selected by the userhimself although sometimes it may be the resource manager or owner whodetermines it. The user may, in many cases, be able to change theirpreviously selected identifier. Often, the identifier is chosen when theuser initially joins an organisation; for example, when he beginsemployment at a certain company, or registers with a provider for acertain service. After the identifier has been selected and assigned toan authorised individual, that user is required to supply thepre-determined identifier each time he requests permission to performthe controlled act or gain access to the resource or service. The user'sinputted identifier is compared with the stored version. If the user isable to supply the correct identifier then his identity is deemed tohave been verified and access is granted. If, on the other hand, thecorrect identifier is not supplied then access is denied.

In this document such an identifier may be referred to as a PersonalIdentification Code (PIC). One common example of a PIC is a 4 digitnumeric code typically referred to as a Personal Identification Number(PIN). The term ‘PIC’ is intended to include the term ‘PIN’ (PersonalIdentification Number). However, other codes of different lengths andcontaining different types of characters or symbols may be used. Thepresent invention is not intended to be limited with regard to thelength of the identifier used, or the type of characters it contains.For example, it may contain numeric digits, alphabetical characters,pictures, punctuation or any other kind of symbol, or a mixture thereof.The term ‘PIN’ or ‘PIC’ may be used hereinafter to refer to the user'sidentifier for the sake of convenience but should not be construed asbeing limiting in any way as to the length, type or format of theidentifier.

PIN-based verification systems typically comprise a keypad which enablesthe user to enter their pre-selected PIN. A typical keypad layout knownin the art is shown in FIG. 14 a. A keypad is a set of buttons or ‘keys’arranged in a block or ‘pad’. The keys are set out in a grid adjacentone another to form the pad. The keys have indicia (identifiers)printed, engraved, embossed or otherwise displayed on them. The indiciaon a key typically consists of one symbol e.g. ‘6’ but could comprisemore than one symbol e.g. ‘AB’.

The indicia on the keys are usually arranged in an ordered manner, suchas a sequential series. For example, numeric digits would typically beordered in ascending order. In this document, the term ‘keypad’ may beused interchangeably with the term ‘pinpad’.

Keypads are often found on alphanumeric keyboards connected to computingdevices. Other devices such as calculators, push-button telephones,combination locks, and digital door locks are also known to comprise akeypad. The advent of portable telecommunications and computing deviceshas also seen keypads introduced into mobile devices such as mobile(cellular) telephones, tablet computers, PDAs and so on.

Many electronic devices now include computer processing capabilities anda touch screen interface capable of displaying a keypad. These may beused for a variety of purposes, including allowing an authorised user to‘unlock’ the device by entering a passcode comprising a combination ofpre-selected symbols, or entering a telephone number so as to make acall. Card-reading terminals used in financial transactions also havekeypads to allow the user to enter his PIN via the keypad.

Each type of smart phone (e.g. brand and/or model) may have a particularstyle of keypad associated with it as its ‘default’ keypad. For example,the keys may be arranged in a particular format or layout, or aparticular font may be used for the indicia. Therefore, the user of anelectronic device may become familiar with a certain ‘look and feel’with respect to the keypad on that device. An example of a typicalkeypad generated and displayed on a widely known smart phone is shown inFIG. 14 b. The default keypad is generated by the execution of aprocedure call within the phone.

In contrast to conventional keypads which have depressible (physicallymovable) keys, a touch screen can be used to display an image of akeypad having numbered or otherwise indicated ‘hot spots’ correspondingto the physical keys of the conventional counterpart. The user touchesthe hotspots corresponding to the keys of his choice instead of pressinga moveable key. Sensors placed below the surface of the screen sensewhich area(s) have been selected by the user, thus ‘reading’ the user'sinput.

Perhaps the most common use of keypads and PIN-based technology is inrelation to financial transactions e.g. automated teller machines (knownas ‘ATMs’ or ‘cashpoint machines’) and point of sale devices for bankingcards (i.e. debit cards and credit cards).

Prior to the introduction of PIN-based authentication, if a customerwished to make a purchase for goods or services, he would be required toprovide a signature which would be compared to the signature on the backof the card. However, signatures can be forged with relative ease.

In order to address this problem, smartcard technology has beenintroduced in many countries for credit, debit and ATM cards. Thispayment system (sometimes known as the ‘chip and pin’ system) is basedon a global standard known as the EMV standard. Using this approach,credit and debit cards are provided with an embedded microchip. When acustomer wishes to pay for goods using this system, the card is placedinto a “Point of Sale” terminal or a modified swipe-card reader, whichaccesses the chip on the card. Once the card has been verified asauthentic, the customer enters a 4-digit PIN, which is submitted to thechip on the smartcard; if the two match, the chip tells the terminal thePIN was correct, otherwise it informs it the PIN was incorrect. Theinputted PIN matches the stored PIN if each symbol in the input is alsofound in the stored version, and in the same order and number.

In certain situations financial transactions may be carried out byswiping the magnetic stripe on the card so as to read the card's data,or by manual entry of the card details, rather than by inserting thecard into a dedicated card-reading device.

It should be noted that as the PIN is sent back to the host forverification, security considerations become relevant because the PINcan be intercepted during the transmission process.

Since the introduction of PIN-based verification, fraud arising fromface-to-face transactions (where the card and the customer arephysically present at the retail site where the transaction takes place)has been drastically reduced because it is significantly more difficultto fraudulently obtain or guess a PIN than it is to forge a signature.

Moreover, prior to the advent of PIN-based authentication, if acustomer's signature was forged, the card provider was usually heldlegally liable for any ensuing fraud and was compelled to reimburse thecustomer. With the introduction of smartcard technology, however, theonus has typically shifted to the customer to prove that they had acted“with reasonable care” to protect their PIN, rather than on the cardprovider being required having to prove that the signature providedduring the transaction matched that on the card. This transfer ofliability provides very significant financial benefits for cardproviders.

Another drawback of signature-based verification is that it does notlend itself to transactions where the card (and the customer) is notpresent at the retail premises when the transaction is performed—forexample, transactions made over the telephone or internet. Suchtransactions are usually known as ‘card not present’ (CNP) transactions.CNP transactions are now commonplace in today's retail environment, withmany customers choosing to conduct financial operations without being atthe retail location. However, while PIN-based technology provides arelatively secure authentication solution for ‘card present’face-to-face transactions, fraud arising from CNP transactions isrising.

In addition, mobile (cellular) telephone technology has opened newopportunities for retailers and consumers alike. So-called ‘smart’phones comprising sophisticated computing capabilities and have becomeextremely popular, offering the user facilities such as the ability tosurf the web and view retailers' web sites. Customers and retailersalike are often not tied to one physical geographical location but are‘on the move’. For example, customers may wish to make a purchase via aweb site being viewed on a mobile phone while waiting at a bus stop; ora parking attendant may wish to take payment from a driver in a carpark. In such cases, dedicated Point-of-Sales terminals are notavailable for use.

However, despite the enormous popularity of mobile computing technology,in particular telephones, its use in respect of CNP transactions hasbeen limited due to security concerns as data (such as the user's PIN)can be intercepted during transmission from the device to/from the cardprovider's server, or whilst residing in the phone's internal memory.

Some PIN related technology has been designed with mobility in mind andis known in the prior art.

For example, CardEase Mobile® is a mobile payment app which, inconjunction with a mobile card reader, enables a retailer to take Chipand PIN mobile card payments from a customer. The retailer enters theamount of the purchase into an app downloaded and installed on hismobile phone (or tablet device). The retailer then gives the card readerdevice to the customer who swipes or inserts his credit/debit card intothe reader, and enters his PIN via the keypad on the reader device. Thereader then connects via Bluetooth to the app on the retailer's mobiledevice, which then connects to the service provider via the phone'sinternet connection for payment authorisation. Once the payment has beenapproved, the customer removes his card from the reader and the retaileremails or texts a receipt to the customer.

However, this known arrangement requires the use of the card reader. Ineffect, it uses the mobile phone to play the role of the point-of-saleterminal which would usually be located within the store/shop. Themerchant taking the payment still needs to be at the same location asthe customer making the payment because he must hand the card reader tothe customer for use with his credit or debit card. The system does noteliminate the need for a dedicated (i.e. purpose built) card-readingdevice.

Another example of the prior art is disclosed in WO/2012/004395 A1(‘iZettle’). The iZettle arrangement comprises a portable card readerdevice for reading a smart card, a portable reader device and a paymentserver. The aim of the disclosed method is to eliminate the unsecurekeyboard in a mobile phone used for entering a PIN, and instead use aseparate PIN entry device which fulfills the EMV level specification. Inessence, the disclosed approach uses an external PIN pad provided withall the required secure chips and components and which simplycommunicates with the mobile phone via a Bluetooth connection. Thus, asabove, the iZettle disclosure does not solve the problem of usingunsecure mobile devices for PIN entry, it simply circumvents it by usinga separate PIN entry device.

Indeed, the iZettle document states (lines 6 to 19) that:

-   -   ‘A more practical solution would be if a credit card payment        could be conducted using a well-known, non-bulky and commonly        used device such as a mobile phone. However, an ordinary mobile        phone does not have a built-in card reader where you could swipe        your credit card, and even if that particular problem could be        overcome, there is still and issue regarding the level of        security a mobile phone provides. It is well known that for        instance a spy program could infiltrate the mobile phone and        hijack credit card information and identification information,        such as the PIN code entered into the mobile phone via the        phone's keyboard when conducting a credit card payment, without        the user even knowing it. In light of the above, a standard        mobile phone is generally not considered to be a secure device,        and thus not suitable for making credit card payments with.        Thus, finding a way to make secure credit card payments with a        mobile phone is highly sought after’.

Another known arrangement (also from the applicant of WO/2012/004395 A1)comprises a device (‘dongle’) and associated software which fits intothe charging port of a smart phone. When a transaction is to be made,the customer's card is inserted into the dongle. The customer is thenasked to sign the phone's touch screen with their finger in order toauthorise the transaction. Using this approach, the user does not needto enter a PIN. Therefore, the problem of PIN entry on an insecureportable device is avoided rather than solved.

Yet another known approach is disclosed in WO 2011/093998 A1. Again, thedisclosed approach uses a dongle-based card reader which is plugged intothe device. It does not provide a secure technique for enablingPIN-based authorisation.

GB 2416058 A discloses an approach for verifying a request for access toa server. In response to an access request, a random string ofcharacters is generated by a ‘combination generator’ in a securityserver. It then uses this random string to generate ‘image data’ whichis sent from the server to the user's computer. The keypad on the user'scomputer is then modified in accordance with the image data. The userthen enters his PIN using the modified keypad displayed on the computer.Positional data relating to the user's selection within the grid of keys(e.g. first-row-first-column) is stored as a record of the user's PIN.The positional data is then converted by the user's machine intocharacter data such as a string of digits to form an encoded PIN whichis then sent to the server for verification. However, the encoded PINcan be ‘decoded by knowing the image data’—lines 22, 23 of page 10.Therefore, as the image data is stored on the user's computer, if thesecurity of the user's machine is compromised (e.g. hacked into, or isinfected with malware) access may be gained to the image data, thereforeenabling a third party to decode the user's PIN.

Thus, it is desirable to provide an authentication method which does notrender the PIN vulnerable to unauthorised access during transmissionbetween devices, or when stored temporarily in an electronic deviceduring the verification process.

SUMMARY

Ideally, a PIN-based authentication solution which would enable a userto complete a CNP transaction using a PIN to authenticate in a securemanner. Ideally, such a solution:

-   -   could be implemented on a portable electronic device such as a        mobile phone, tablet computing device, laptop, PDA etc, or on a        desktop computer or fixed device;    -   would enable PIN-based authentication to be performed on any        suitably arranged device having some computing capabilities;    -   would require the user to enter his PIN using the same digits as        his stored PIN and in the same order (rather than requiring the        user to enter an ‘encoded’ or somehow disguised/translated        version of his PIN);    -   would be easy and intuitive to use;    -   would not require the user's machine to have access to the        user's ‘real’ PIN, or any knowledge of how to calculate it    -   would not need to execute any conversion or encoding algorithm        (which carries with it a time and processing overhead, and can        be used to discern the user's PIN).

Such an improved solution has now been devised which provides at leastthese advantages.

Thus, in accordance with the present invention there is provided amethod and system as claimed in its various embodiments herein.

According to a first aspect of the invention, there may be provided acomputer-implemented verification method comprising the step of:

enabling a user to input an identifier into an electronic device having:

-   -   i) a screen; and    -   ii) a keypad operable within a keypad zone of the screen;

by operating at least one key of the keypad via an image of at leastpart of a scrambled keypad which is displayed at least partially withinthe keypad zone.

The image may be referred to as a ‘scrambled keypad image’ for ease ofreference.

The keypad is operable in that has the functionality expected of akeypad by a person skilled in the art. The skilled person wouldunderstand the term ‘keypad’ to mean an electronic or mechanical grid ofkeys, each having at least one indicia associated with it, which, whenselected by a user, causes the associated indicia to be inputted into adevice or system for storage and/or processing. In the context of thepresent invention, the keypad is an electronic version of a keypad. Itmay be thought of as a ‘virtual’ keypad in that it is a softwareemulation of a mechanical keypad. It provides all the functionality of amechanical keypad, comprising labelled keys which the user can select toprovide input to a computer-based system.

The keypad may be generated on or by the electronic device. It may begenerated by a procedure call. The procedure may be provided within alibrary supplied by the manufacturer of the device.

By contrast, the scrambled keypad image is a representation of a keypad.The representation may comprise a representation of a whole keypad or atleast part of a keypad. It may depict (represent, illustrate) one ormore ‘keys’. The image may be electronically formed. It may be agraphical image, an optical image, a video or some other form of visualrepresentation. It may be formed or stored in digital format in anelectronic file.

This provides the advantage that the layout of the ‘keys’ in therepresentation may not be easily read by an unauthorised party who mightintercept the representation during transmission or while it isdisplayed on the electronic device.

The scrambled keypad image is not a keypad per se because it is devoidof any functionality. It is merely a representation of a grid of keys.Touching, clicking on or otherwise selecting any ‘key’ depicted in theimage does not, in and of itself, produce any effect or generate aninput.

However, it should be noted that the scrambled keypad image maysometimes be referred to as a ‘keypad’ ‘scrambled keypad’ or an‘overlying keypad’ purely for ease of reference because in use itappears to function as a keypad. Areas of the image may be referred toas ‘keys’, again only for ease of reference because this is what theuser appears to see and use. However, it should be remembered that thisis not actually the case, and that the image is not a keypad in reality.

The invention may enable the user to enter his identifier via the samedevice component that is used to display the scrambled keypad image (thescreen). Phrased another way, the screen may serve as both the output(display) device for the scrambled keypad image and the input device viawhich the user's identifier may be entered. This contrasts with anyprior art disclosure wherein the keypad is displayed on one devicecomponent (e.g. screen) and the user's input is received via anotherdevice component (e.g. keyboard).

An advantage of this feature is that it may enable the user's input fromthe image to be mapped to the electronic keypad which may be at leastpartially hidden from the user's view such that the user's input isautomatically encoded upon entry by the user. The input is automaticallyencoded in the sense that the electronic device may not need to convert,encode or in any way process the user's input. The keypad may begenerated by a procedure call executed on the electronic device. Theoperable, electronic keypad may be referred to as a ‘reference’ or‘underlying’ keypad for ease of reference.

Preferably, the user's operation of the keypad key via the imagegenerates an encoded version of the user's intended input. Preferably,the image is displayed within the keypad zone such that as the usertouches, clicks on or otherwise identifies a location within the image,an operable keypad key at that location is activated to provide anencoded version of the user's input.

Thus, the user's identifier is input via the image. The user may selecta portion of the image in order to enter the identifier. The imageportion may resemble or depict a keypad key. Thus, the user may operatethe keypad through the image.

Preferably, the image functions as a mask or cover superimposed over thekeypad such that when the user touches, clicks on or otherwiseidentifies a location within the image it operates or activates thekeypad key positioned at that location within the keypad zone.

Preferably, the keypad zone and/or the image remains in a fixed positionon the screen during input of the user's identifier. This differentiatesthe invention from those known systems wherein the keys or entire keypadmove on the screen during the verification process. As the image of thepresent invention remains in a fixed location, this provides a solutionwhich is easier to use and requires less processing by the electronicdevice.

Thus, in one sense the invention may be viewed as enabling a scrambledkeypad image to be ‘superimposed’ over an ‘underlying’ keypad such thatwhen the user enters his input via the overlaid scrambled keypad imageit is encoded in accordance with the layout of the underlying(preferably unseen) keypad.

The ‘underlying’ keypad may be viewed as an object generated andresiding in the device's volatile memory at run-time to provide a modelof a conventional mechanical keypad.

Thus, the invention provides the advantage that the user's ‘real’identifier is never stored within the device and is not transmitted forverification. Therefore, the user's identifier cannot be derived by anypotential interceptor without knowledge of the mapping between theoverlaid image and underlying, functional keypad.

Preferably, the mapping between the overlaid image and underlying keypadis not stored in the electronic device, or derivable by the electronicdevice. The mapping (or correlation) between the positions of the twosets of ‘keys’ may be stored on a server remote from the electronicdevice.

Preferably, the scrambled keypad image may be sent from a remotelylocated computer-based resource to the electronic device. The resourcemay be a server. Thus, the scrambled keypad image may not be generatedon the electronic device. A version of the scrambled keypad image may bestored on the server. The version may be a record of the order of thesymbols (“keys”) in the scrambled keypad image.

The keypad zone may be a defined area or portion of the screen. Thus,the keypad zone may occupy the entire screen area or a portion of thescreen. The scrambled keypad image may be displayed such that it coversthe keypad zone completely, exactly or partially.

Preferably, the underlying keypad is at least partially hidden from viewso that the user is not able to see at least some of the keys of thekeypad.

The identifier may be a Personal Identification Code. It may be a PIN(Personal Identification Number). It may comprise any number, type orcombination of symbols or indicia (as explained above). The identifiermay have been pre-selected by the user prior to executing the presentlyclaimed method. The identifier may be stored remotely from theelectronic device e.g. on a server. The scrambled keypad image and/orkeypad may comprise numeric digits, alphabetical characters,punctuation, symbols or any other indicia, or a combination thereof. Oneor more symbols may be associated with each key.

Preferably, the user may be able to select a plurality of “keys” in thescrambled keypad image to input an identifier comprising more than onesymbol.

The scrambled keypad image may be scrambled with respect to a referencekeypad. The keypad image may depict a block or grid comprising aplurality of adjacent keys. It may be ‘scrambled’ in the sense that thesymbols on the “keys” are not in sequential order and/or not in theorder which one would expect, perhaps with reference to the referencekeypad. The scrambling may be in accordance with a random generationprocess, or a process that approximates to a random process. Thereference keypad may be the keypad operable within the keypad zone, or adefault keypad associated as standard with a make, model, type ofelectronic device.

Thus, the same indicia may be present in both the underlying keypad andthe scrambled keypad image but they are provided in different positions.Put yet another way, the order of the keys in the reference keypad isdifferent from that of the scrambled image. The scrambled keypad imagemay provide the same ‘look and feel’ as the default keypad associatedwith the electronic device, but with the “keys” in different relativepositions.

The respective positions of one, some or all “key(s)” in the scrambledkeypad image may be different from the position of the same key(s) inthe underlying keypad.

The user may operate the keys of the underlying keypad via the scrambledkeypad image by interacting with the “keys” displayed on the screen. Forexample, the user's input may be entered by the user touching the screen(with a finger or other device) or by selecting the desired “key(s)”using a pointing device such as a mouse or tracker ball. Other selectionmethods may be used to similar effect, thus falling within the scope ofthe invention.

The position and/or dimensions of the keypad zone may be specified by aprocedure or method call.

Preferably, the keypad zone comprises a plurality of sub-zones or ‘hotspots’. The position of at least one ‘key’ in the scrambled keypad imageand/or keypad may correspond to the position of a sub-zone such thatthere may be a mapping between the “keys” of the scrambled keypad andthe keys of the keypad and/or the plurality of sub-zones. It isdesirable that the mapping is not derivable from or by the electronicdevice. The hotspots may underlie the keys of the scrambled keypadimage.

The (underlying) keypad may be scrambled after each of the user's keyselections. Thus, a different scrambled underlying keypad may be usedfor each keystroke of the user's input.

Preferably, the scrambled keypad image is received by the electronicdevice from a computer-based resource (e.g. a server) located remotelyfrom the electronic device. It may be sent to the electronic device fromthe server in respect to a request for an image, the request being sentfrom the device to the server. The scrambled keypad image may begenerated by the server.

Preferably, the scrambled keypad image is pre-generated. In oneembodiment this may mean that it is generated prior to, not in responseto, the request from the electronic device. The image may be generatedprior to execution of the verification method.

The encoded version of the user's input (identifier) may be sent fromthe electronic device to a remote computer-based resource. This resourcemay be a server. Preferably, the server receives the encoded version ofthe user's input and processes it. The processing may provide a decodedversion of the user's inputted identifier.

Thus, the user's ‘real’ identifier may not be transmitted. Only theencoded version may be transmitted, which may be meaningless to anunauthorised party who does not know the mapping between the the “keys”in the scrambled keypad image and the keys in the underlying keypad.

The decoding may be performed using a stored version or form of thescrambled keypad image. The stored version or form of the configurationof the keys may be a filename. The decoding step may provide a decodedversion of the user's input. Thus, the user's ‘real’ identifier may begenerated by translating each symbol in the encoded version into itscorresponding counterpart in the scrambled keypad image.

The user's decoded input may be compared with a stored version of theidentifier. The user's input may be deemed to be correct if the inputmatches the stored identifier.

Preferably, the method further comprises the steps:

-   -   generating a plurality of scrambled keypad images;    -   selecting one scrambled keypad image from the plurality; and    -   sending a copy of the selected scrambled keypad image to the        electronic device.

The method may further comprise the step of:

removing at least one scrambled keypad image from the plurality prior toperforming the selection.

The method may further comprise the step of:

removing the selected scrambled keypad image from the plurality aftersending the copy to the electronic device.

The method may further comprise the step of:

removing from the plurality any scrambled keypad image which has atleast one key in the same position as the same key in a referencekeypad.

Preferably, the positions of the keys in the scrambled keypad imageremain unchanged relative to one another during input of the user'sidentifier. This is in contrast to prior art arrangements in which theposition and/or order of the keys displayed to the user may scramble orrearrange or move on the screen after each of the user's key selectionsand/or after each verification session.

Preferably, the symbol of at least one key in the scrambled keypad imageis at least partially obscured or obfuscated but remains readable to theuser. This may have benefits in making the representation difficult toread using OCR software. This enhances the security of the system andmethod.

The electronic device may be a mobile telephone, a PC, a tabletcomputer, a laptop, a PDA, a card-reading terminal or other electronicdevice having a screen. The electronic device may be able to support acommunications protocol such as TCP/IP, either over a wireless or fixedline, although other protocols may be supported, such as Bluetooth,RS232 etc.

The communication between the device (e.g. mobile phone) and thecomputer-based resource (e.g. server) may be via a fixedtelecommunications line or via a mobile telecommunications/wifi etc.connection—essentially any IP-based device may be used.

The scrambled keypad image may be displayed via a web browser, or anapplication embedded within a browser, or a standalone softwareapplication, and/or an application providing a graphical user interfaceto allow the user to interact with the scrambled keypad image.

It is preferred that the mapping correlation between the indiciapositioning of the scrambled keypad image and the underlying keypad isstored remotely from the device, typically at the computer basedresource remote from the device.

In order to enhance security, the scrambled keypad image may be renamedand/or encrypted prior to being sent to the electronic device. Thisprovides the benefit that 3rd parties (such as malware) are prevented orat least impeded from intercepting and decoding the identifier.

The method may further comprise the step of delivering an indicator tothe user to confirm that the scrambled keypad image has been provided bya legitimate source. The indicator may be a ‘watermark’. The indicatormay be a textual message, image, video, sound, vibration or othertactile indication. The indicator may have been chosen by the user.

Preferably, the scrambled keypad image is erased from the electronicdevice following the user's input, or following a specified period oftime.

A new (i.e. different) scrambled keypad image may be sent to the deviceif the user makes a mistake when inputting the identifier.

Also in accordance with the invention there may be provided acomputer-implemented method for verifying a pre-stored PersonalIdentification Code (PIC), the method comprising the steps:

-   -   generating a representation of a keypad wherein the position of        at least one indicia in the representation is different from the        position of the respective indicia in the keypad;    -   sending the representation to a remote device for presentation        to a user to enable the user to input a PIC using the        representation;    -   receiving an encoded version of the inputted PIC from the remote        device;    -   decoding the encoded version to provide a decoded version of the        inputted PIC    -   comparing the decoded version of the inputted PIC with the        pre-stored PIC

According to a second aspect, there is provided a computer-implementedmethod for verifying a pre-stored Personal Identification Code (PIC),the method comprising the steps:

-   -   receiving a representation of a keypad from a remotely located        computer-based resource, wherein the position of at least one        indicia in the representation is different from the position of        the respective indicia in the keypad;    -   presenting the representation to a user to enable the user to        input a PIC using the representation;    -   generating an encoded version of the inputted PIC;    -   sending the encoded version of the inputted PIC to the        computer-based resource for decoding such that the decoded        version of the inputted PIC can be compared with the pre-stored        PIC.

According to a further aspect, there is provided a computer-implementedmethod for verifying a pre-stored Personal Identification Code (PIC),the method comprising the steps:

-   -   using a computer-based resource to generate a representation of        a keypad wherein the position of at least one indicia in the        representation is different from the position of the respective        indicia in the keypad;    -   sending the representation to a remote device;    -   presenting the representation to a user via the remote device to        enable the user to input a PIC using the representation;    -   sending an encoded version of the inputted PIC from the remote        device to the computer-based resource;    -   using the computer-based resource to decode the encoded version        to provide a decoded version of the inputted PIC and compare it        with the pre-stored PIC

According to another aspect of the invention there is provided acomputer-implemented verification method comprising the step of:

enabling a user to input an identifier by selecting at least one key viaa scrambled keypad presented to the user within a keypad zone of ascreen associated with an electronic device.

According to another aspect of the invention there is provided acomputer-implemented system arranged and configured to perform anyembodiment of the method described above.

The benefits of the invention include:

-   -   a reduction in the likelihood of fraud arising from CNP        transactions;    -   a significant reduction in the cost associated with such fraud;    -   a shift in liability from the card issuer to the user in respect        of fraudulent card usage;    -   the convenience for the user of secure CNP transactions.

These and other aspects of the present invention will be apparent fromand elucidated with reference to, the illustrative embodiment describedherein.

An embodiment of the present invention will now be described, by way ofexample, and with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1 to 4 illustrate some examples of the various types of keypadsthat can be generated in accordance with the invention.

FIG. 5 illustrates the production of a scrambled keypad representationaccording to an exemplary embodiment of the invention.

FIG. 6 illustrates the Registration process in accordance with theinvention.

FIG. 7 illustrates an exemplary custom keypad database created for theregistered device.

FIG. 8 shows an illustrative transaction process in accordance with theinvention;

FIGS. 9 and 10, illustrate an overview of an example secure transactionapplication process in accordance with an embodiment of the invention.

FIG. 11 shows an illustrative ‘standard’ keypad in accordance with anembodiment the invention.

FIGS. 12 a, 12 b and 12 c show examples of scrambled keypad images whichare suitable for being superimposed over the standard keypad of FIG. 11.

FIG. 13 shows a scrambled keypad images being superimposed on top of thestandard (reference) keypad of a device.

FIG. 14a shows a standard numeric key pad as known in the prior art.

FIG. 14b shows a numeric keypad on a mobile phone as known in the priorart.

FIG. 15a shows a pre-generated keypad image prior to the application ofa watermark.

FIG. 15b shows the keypad image of FIG. 15a with the watermark providedin the bottom left corner of the keypad zone.

FIG. 15c shows the keypad image of FIG. 15b but with the watermark in adifferent position (bottom left).

FIG. 15d shows the keypad image of 15 a with a photographic image usedas a watermark in the background.

FIG. 16a to FIG. 16e show different scrambled keypad images generatedfrom 4 different numeric sequences.

FIG. 17 shows a scrambled keypad image having a combination ofalphabetical and numeric keys.

FIG. 18 shows three partial images which, when shown repeatedly in rapidsuccession, form an apparently static, recognisable image.

FIG. 19 shows an example of how the invention may be implemented withina financial transaction processing system.

FIGS. 20A-20E show an example of the generation of an encrypted PINbased on a user's PIN.

DETAILED DESCRIPTION

Turning to the Figures, an exemplary embodiment is now described inrelation to use with a mobile phone. However, the invention may be usedto perform PIN verification on a variety of different types of device,assuming that the device has some processing capabilities and a screenfor the display of a keypad.

The exemplary embodiment also relates to use in respect of financialtransactions. One application for which the invention is suited is thatof on-line banking. However, the skilled addressee will readilyunderstand that the invention may be employed in other settings and fornon-financial purposes. It is not limited to business or commercialapplications.

Importantly, the invention can be used in any situation whereverification of an individual's identity is required before allowingthat individual to have access to some controlled resource. Thatcontrolled resource may be any type of resource. It may be funds sittingin a financial account. Equally, it could be a building, a computersystem, a patient's medical records, a service and so on. For example,it may be used for the verification of a passcode on a door lock toestablish authentication prior to allowing entry to a building.

It is important to note that the financially-oriented applicationdescribed below is only one purpose to which this invention may be put.It has been selected for exemplary purposes because chip and PINverification is perhaps the most widely known use of code-basedverification and therefore most readily recognised by readers of thisdocument. However, the skilled addressee will understand that theinvention is not limited in respect of the environment or context inwhich the invention may ultimately be put to use.

It is also important to note that the invention does not constitute ameans for performing a transaction per se. It is a verification tooluseful for authenticating the identity of an individual who hasrequested access to a controlled resource. It does not dictate how thataccess is performed after authorisation is established, neither does itdictate how any other operation or possible transaction is conductedfollowing successful verification.

The exemplary embodiment described below essentially operates bycreating an image of a scrambled version of a keypad (which mayalternatively be called a ‘PIN pad’). The scrambled keypad image is sentfor presentation or display on the target electronic device 1 for theuser to view. In this example, the target device is a mobile phone 1, asshown in FIG. 6.

The scrambled keypad image is arranged to resemble the standard, defaultkeypad for the device. Each brand and/or model of device typically hasits own style of default keypad which might be different in layout,symbols, size, colour etc. from the default keypads associated withother devices. The default keypad is usually generated and displayed onthe mobile phone by a procedure call, which specifies the format of thekeypad for that device and where it is to be displayed on the screen.The default keypad is a grid which occupies a specific area on thescreen i.e. it is displayed at a specified location. It is a pre-definedarea or portion (referred to herein as a ‘keypad zone’) within thephone's screen. The keypad zone is divided up into sub-zones whereineach sub-zone represents a key in the default key pad. Another way ofsaying this is to say that each sub-zone is associated with a particularsymbol. The symbol for each key is displayed for the user to see on thescreen within the location of its respective sub-zone. Therefore, if theuser selects (e.g. touches or clicks on) an area designated to aparticular sub-zone, the symbol for that associated key is recorded. Inthis way, the keypad serves as a virtual version of a mechanical keypad,generated electronically by software, detecting the location of theuser's input within a defined screen area and using that to generate theinput data rather than using physically pressable keys.

In such virtual keypads, each subzone is essentially a ‘hotspot’ on thescreen, and a plurality of hotspots are combined adjacent one another toform a keypad. In the present example, the default keypad 2 of the phoneis arranged as a 3×4 grid of keys, each key 4 having a symbol associatedwith it. In this case, the symbols include numeric digits. Each key 4 isa ‘hotspot’ area of the screen, each hotspot being associated with asymbol in the virtual keypad.

An example of a well-known style of default keypad 2 used with smartphones is shown in FIG. 11. The default keypad 2 is generated on thetarget device 1 itself—it is not sent to the device 1 from the remotelylocated server.

This standard keypad 2 is then ‘overlaid’ with the scrambled keypadimage 3 which is sent to the phone and is displayed on the screen at thekeypad zone. This superimposition is achieved by displaying the image ofthe scrambled keypad within the keypad display zone such that thepositions of the scrambled ‘keys’ correspond to the positions of thehotspots in the default keypad. The alignment of the two keypads is suchthat only the scrambled keypad image is seen by the user and theunderlying, operable keypad is hidden, at least partially but preferablyentirely, by the image. Therefore, as far as the user is concerned,there is only one keypad, which looks exactly like the keypad the userexpects, except with the keys in different positions relative to oneanother.

As the default keypad for the mobile phone is the ‘norm’ against whichthe scrambled keypad is referenced, it may be referred to as a‘reference keypad’.

FIGS. 12 a, 12 b and 12 c show examples of keypad images 3 which aresuitable for overlay on top of the standard keypad 2 of FIG. 11.

The scrambled keypad is sent to the phone as an image. Alternatively, itcould be sent as a video file, to be discussed in more detail furtherbelow. This picture, video or image 3 may be referred to as a‘representation’ because in one sense it represents a physical(depressible) keypad.

The scrambled keypad image 3 has been pre-generated (i.e. prior to theinitialisation of the verification process). It is randomly selectedfrom a set of pre-generated scrambled keypad representations and thensent over a telecommunications network to the handset (i.e. mobilephone) 1. The scrambled keypad image of FIG. 3 is a representation ofthe default keypad layout 2. The difference between the default keypad 2and the scrambled keypad image 3 is that the respective keys 4 areordered differently. In other words, the same digits are present in eachkeypad but at least two are in different positions within the keypadgrid.

This keypad representation 3 has been generated to have exactly the samedimensions as the default keypad so that it can perfectly superimposeit. Thus, the mobile phone user (customer) views only one seamlesskeypad. The user is unaware that there is an underlying keypad 2 whichhas been generated in the background, behind the one that he sees anduses for entering his input. The image is sent to the user's devicetogether with one or more instructions to invoke or call the necessaryprocedure for generating the underlying keypad.

The randomly-selected, scrambled keypad image 3 is effectively overlaidonto the phone's default keypad 2 so that when the user enters his PIN,a different result is generated within the device other than that whichthe user intended to enter, or at least thought he was entering. This isachieved as a result of the relationship (mapping) between thedifferently positioned keys 4 in the two keypads 2, 3. The user touchesthe screen at a particular location to enter a digit shown in theoverlying scrambled keypad image 3, but this is interpreted as being thedigit in the underlying keypad 2 at that sub-zone. As the user enters asubsequent input its corresponding, underlying symbol is concatenated tothe previous input to construct a complete PIN.

In this way, an encoded version of the user's PIN is produced based uponthe position of the hidden keys 4 which the user selects via thescrambled keypad representation 3. If the user makes a mistake, a new(different) keypad representation 3 is sent to the device 1.

Thus, the PIN that the user thinks he is entering is not the PINrecorded by the software residing on the user's phone. The user's ‘real’PIN is never stored on the insecure phone 1, and is not transmitted overany (insecure) network. Only the encoded version is stored, transmitted.The encoded version of the PIN may be encrypted prior to transmission tofurther enhance security. Thus, any interceptor would be unable todecode, guess or re-translate the real PIN without knowing how thepositions of the keys in each keypad map to one another.

In the present embodiment, the decoding process is handled by acomponent of the invention which ‘knows’ the layout of the keys in bothkeypads and is, therefore, able to map the encoded digits back to theiroriginal counterparts, thus arriving back at the user's intended input.This deciphered PIN can then be compared against the user's previouslystored PIN for verification purposes.

In the exemplary embodiment, the scrambled keypad image 3 is encryptedbefore it is sent to the phone 1. Upon arrival at the phone 1 it isloaded into a secure or protected portion of memory on the device 1 (orat least as protected as it can be). In other words, all of the usualsecurity features are used by the invention as if the customer's realPIN has been entered (rather than a translated version). This providesanother layer of security and protection.

These aspects of the invention are now discussed in greater detail inrelation to one way in which the invention can be put into use.

Pin Pad Production

The ‘PIN Pad Production Program’ 6 is responsible for generating all ofthe scrambled keypad images 3 used throughout the system. An overview ofthis aspect of the invention is shown in FIG. 5.

If simply randomly scrambled keypads are used, there is a risk that oneor more keys may not be positionally scrambled. This could resort in oneor more keys of the users input PIN corresponding positionally on thestandard and scrambled PIN. This is not ideal.

Consequently, during PIN pad (image) generation, scrambled key padimages that would have one or more keys positionally corresponding tothe standard keypad are discarded. The PIN pad production is thereforepreferably not purely random, but is subjected to a selection process toselect/discard according to a specific criteria.

The PIN pad (image) generation takes place in a secure environment,typically complaint with payment card industry data security standard.

The output resolution and file type must be initially set up before useon a particular target device 1 (in this case the type of mobile phone).This ensures that outputted images are generated to the optimumresolution for that device e.g. 256×184.

A master ‘Background Image’ 7 is then selected which matches theresolution as set above, and a ‘Permutations File’ 5 selected containingall the required permutations of digits (keys) for the final keypadimages. In one implementation, this file 5 must be a comma separatedtext file with each permutation on a new line. However, a variety ofimplementations may be devised to the same effect. For example, eachpermutation could be separated by a # or *.

The ‘Permutations File’ 5 is then merged with the ‘Background Image’ 7using the user's selection of Font Type, Size and Colour to produce thecompleted keypad image 3. The completed keypad image 3 is then optimizedand reduced in size to be as small as possible for optimum transmissionspeed.

In addition to standard monochrome keypads as shown in FIGS. 1, 5, 9 11,12 and 13, the background image 7 may be manipulated. For example, thecolour of the background and/or the default font type, size and colourcan be altered so that an unlimited database of keypads may be generatedfor every type of screen and device.

In some embodiments, advertisements, educational messages or othercontent may be incorporated in the presented imagery.

These keypad images may employ special fonts or colours to enable anyspecific regional characters e.g. Arabic to be used, and also to ensurethat the images cannot be read by unauthorised Optical CharacterRecognition programs (thus enhancing security).

Each keypad image that is produced is also given a unique filename and amaster index is created for all keypad images that have been generated.When a scrambled keypad image is sent to the device, a copy of thefilename of that image is temporarily stored. This filename contains theorder of the keys within the keypad image. This enables the mappingbetween the scrambled keypad image and the reference keypad to berecorded.

For security purposes, the scrambled keypad image 3 is renamed before itis encrypted and sent to the remote device 1; this prevents malware orother unauthorised parties from possibly intercepting and decoding thePIN.

FIGS. 1 to 4 illustrate some examples of the various appearances thatthe scrambled keypad images 3 can be provided with in accordance withthe invention.

By way of example, FIG. 2 shows a scrambled keypad image 3 having abackground of autumn leaves. This can be used by the retailer forseasonal variations or can be used for advertising purposes.

FIG. 3 shows a black and white only image distorted so that it cannot beread by OCR software. The skilled addressee will be aware that suchimages require high resolution screens to display correctly.

FIG. 4 shows a monochrome keypad image that has been modified for theArabic alphabet. The skilled addressee will appreciate that thisregional difference in the characters can also be combined with theother imagery techniques methods illustrated in FIGS. 2 and 3.

On suitably powerful devices, a video overlay may be used instead of astatic image to further decrease the potential that OCR software couldbe used to read the keypad. This feature could also be used foradvertising purposes.

It is important that, in order to provide a necessary level of security,malware and unauthorised parties are not able to read the data containedin the scrambled keypad image displayed to the user. As described above,this is achieved by the invention by providing the scrambled keypad in asingle image or picture format. While it is possible to OCR images on amicrocomputer, mobile telephones do not have the capabilities to dothis, and it would be almost impossible for hidden malware to possessthe required level of sophistication without attracting detection.

This issue can, at least in part, be addressed by using randombackgrounds and fonts which cannot be understood by OCR technologies.The problem could also be addressed by delivering the keypad image as avideo file. While video files do not lend themselves to being read byOCR technologies it is technically possible for a third party to ‘grab’a single screen from a video file and read it.

One solution which may be incorporated into various embodiments of theinvention would be to combine the two afore-mentioned systems into one.Thus, the scrambled keypad image is presented to the user in a plainformat (ie non special fonts are used and the background is ‘normal’)but the file itself is a small video file which, when played, tricks theeye into thinking that the image is solid and static. In reality nosingle frame contains enough information for it to be reverse engineeredback into understandable, useable content.

The system can be achieved in as little as 3 frames, each played quicklyand in succession so as to appear static. An example is given in FIG.18. When combined into a video file the static word ‘Licentia’ isdisplayed but the individual images are unreadable by an OCR package.

Registration Process

This aspect of the invention is illustrated in FIG. 6.

In certain embodiments, a device 1 must be registered before it can beused with the system of the present invention and a small application 8downloaded to the target device 1. If the device being used is a mobilephone 1 then the update process can occur ‘Over The Air’ automatically;if the device is a fixed terminal then the software 8 may be downloadedover a fixed line, although it may alternatively be built into thedevice at the time of manufacture and simply updated if required.

To register a mobile phone 1 with the system the user would need toundertake a registration process comprising the following steps:

-   -   1. Logo onto registration service 9 via a web-based interface        (e.g. web site) 10    -   2. Enter their personal details i.e. Name, Address, Postcode        (ZIP), Phone Make Model, Email address, Mobile Phone Number    -    The nature and type of data required may be stipulated by the        system operator and vary from country to country depending on        the application with which the system is being used.        Furthermore, registration data may already be held by the        operator as the customer may be an existing client and therefore        only the application may need to be pushed to the device.    -   3. A link is then sent to the mobile handset 1 for the user to        follow or the application 8 is simply ‘pushed’ down to the        handset.    -    When run for the first time, the application 8 sets up the        device 1 and downloads any additional data which may be        required, such as encryption keys etc. A custom keypad image        database is also created on the server for the registered device        (as shown in FIG. 7).

To register onto the system with a fixed device the user would completea similar process as follows:

-   -   1. Logo onto registration service 9 via a web-based interface 10    -   2. Enter their personal details i.e. Name, Address, Postcode        (ZIP), Phone Make Model, Email address    -    As above for the mobile phone, the required data would be        dictated by the system operator.    -   3. The device then connects to the server either via a fixed        line or wireless and if required updates the internal        application. Any additional data that is required, such as        encryption keys etc., is downloaded. A custom keypad image        database is also created on the server for the registered device        (see FIG. 7)

Consider FIG. 7. For both scenarios outlined above, for each device thatis registered onto the system a custom database (or index) 13 of keypadimages is created from the Master Database 11. The Master Databaseconsists of keypad images that have been generated specifically for theuser's registered model of device to ensure optimal display. Thisdatabase (or Index) 11 is then randomized 12 to ensure that no twodevices have the same order of scrambled keypad images i.e. keypad ref‘AXF015689.gif’ may be in location 65894 for one device but in position125948 on another. Again, this enhances security.

It should be noted that in certain embodiments user registration may notbe a requirement. This may be the case where the software is integratedinto a 3^(rd) party application. In such embodiments, the requiredregistration method may have been put in place by the third party.

Transaction Process

This aspect of the invention is illustrated in FIG. 8.

Upon successful registration of the user and device, transactions can beperformed. An authentication (PIN request) can be initiated by severalmethods depending on the manner in which the system has been integratedwith 3^(rd) party applications.

Typically integration occurs with 3^(rd) parties who:

-   -   a. Manufacture card swipe or chip reading devices that are        attached to the mobile device, or    -   b. Push financial information and subsequent payment request        down to the handset i.e. toll road applications; or    -   c. Provide websites which require secure PIN entry to gain        access to information when used in applications such as online        banking access.

However, the invention is not intended to be limited in this regard andthe nature of service or resources provided by the 3^(rd) party is not alimiting feature of the invention.

In all cases described above there is a common trigger for the PINapplication to load and perform the subsequent PIN entry process.

Once a request for an image has been received by the server (which maybe referred to as the ‘computer-based resource’) the incoming device 1is identified and authenticated and, if successful, the next keypadimage from the device's ‘Index’ 13 is encrypted and transmitted to thedevice 1. The keypad images are sent sequentially as per the devices‘index 2’ as shown in item 13 of FIG. 7 (in order from top to bottom)and are not reused.

Once the encrypted keypad image 3 is received by the device 1 it isdecrypted and passed to the ‘Secure Terminal Application’.

Secure Terminal Application

This aspect of the invention is illustrated in FIG. 9 and FIG. 10.

The ‘Secure Terminal Application’ is the program that resides on thetarget device/phone 1 or the fixed terminal and is responsible for thesecure input and transmission of the user's inputted PIN back to theserver.

As described above, a keypad 2 is created on the device in a 3×4 grid.Each hotspot is assigned a numerical character. The application then‘overlays’ this reference keypad 2 with the randomised keypadrepresentation 3 that has been pre-generated and sent down to thehandset 1. This scrambled keypad representation 3 has been generated toexactly the same dimensions as the keypad 2 underneath and perfectlyoverlays it, as described above.

Thus, when the user enters their PIN number 14 using the scrambledrepresentation 3, a different, encoded output is generated. In theexample below, if the user's PIN was ‘6725’ then the output from thekeypad would be ‘0476’. It is the keypad output of ‘0476’ that isencrypted and sent back to the server's ‘Decryption Engine’.

Once the keypad has been pressed four times the scrambled keypad image 3is securely wiped using a secure deletion algorithm from the protectedmemory where it resides.

The Decryption Engine

Once the central server (‘computer-based resource’) receives theincoming encoded and encrypted PIN from the handset 1 it must beconverted back into the original user PIN.

This is done by the ‘Decryption Engine’ which is held on a separatesecure server solely for this purpose. As described earlier, when thedevice 1 identifies itself to the server and requests a keypad image 3the unique filename for the keypad image that was sent to the device 1is temporarily stored. This filename contains the order of the keyswithin the keypad i.e. for the keypad image shown in FIG. 9 the filenamewould be ‘0347152986’. This enables the mapping between the scrambledkeypad image and the reference keypad to be recorded. For securitypurposes, the scrambled keypad image 3 is renamed before it is encryptedand sent to the remote device 1.

When the encrypted PIN arrives the message is firstly decrypted usingthe shared key used for the handset/device (this may be Triple DES orPublic Private Key, or whatever is deemed appropriate during developmentaccording to the handset).

Once the message has been decrypted the encoded PIN that was generatedby the user input must be decrypted. To do this the filename of thekeypad image that was sent is copied into a temporary array and then foreach number that was generated by the user input the number in thecorresponding array position is substituted, thus revealing the actualPIN number.

So for the example above where the user's PIN was 6725, the handsetgenerated and transmitted an encrypted PIN of 0476.

Now when the filename of the keypad image that was sent is copied intothe array ‘0347152986’ we get the data shown in FIG. 20A.

For each number in the generated PIN the ‘Array Position’ is located andthe corresponding ‘Filename Character’ is substituted.

First Digit of PIN=0 (GOTO array position O); First digit of user's PINnumber=6 as shown in FIG. 20B.

Second Digit of PIN=4 (GOTO array position 4) Second digit of user's PINnumber=7 as shown in FIG. 20C.

Third Digit of PIN=7 (GOTO array position 7) Third digit of user's PINnumber=2 as shown in FIG. 20D.

Fourth Digit of PIN=6 (GOTO array position 6) Fourth digit of user's PINnumber=5 as shown in FIG. 20E.

After the decryption process has been completed the user's ‘real’ inputof 6725 is revealed. This PIN number 6725 is then encrypted usingstandard banking encryption and passed to the Acquirer or bankingpartner for processing. It should be noted that this is only furtherencrypted and passed to the acquirer in embodiments relating to afinancial transaction. The data may or may not be further encrypteddepending upon the nature and requires of the specific application.

The array is then securely erased to ensure security, along with anyother temporary data.

It should be noted that in certain alternative embodiments, 12 smallerkey pictures (one for each number or hotspot) may be provided. The phoneor other device may be arranged to to select a random number andrearrange the individual pictures into a 3×4 array (and thus making up avirtual keypad on demand). However, such embodiments present potentialsecurity loopholes and may provide several access points for malware toobtain the user's PIN (as the handset/device would have to transmit therandom number and thus the order of the PIN pad back to the server).Therefore, such an embodiment is suitable for applications whererequired security levels are somewhat relaxed.

It should also be noted that although the invention has been describedabove in respect of a mobile phone having a touch screen, otherembodiments may comprise a different type of device. For example, inanother embodiment the device could be a personal computer, or a laptop,or a tablet computer. The embodiment would function essentially asdescribed above except that as general purpose computing devices, suchas PCs, do not typically comprise a standard procedure call forgenerating a keypad as mobile phones do, the keypad zone and hotspotsare specified by a purpose-built software component executing on thedevice. The software specifies the portion of the screen which makes upthe keypad zone, and the locations of the sub-zones (keys) and theirassociated symbols within the keypad zone. The scrambled keypad image isdisplayed at that location to provide the superimposition techniquedescribed above. The underlying keypad is generated using the same (orsubstantially the same) procedure call used by the smart phoneimplementation.

In another embodiment, a terminal could be provided which resembles theknown card-reading terminals used in retail environments. The terminalmay comprise a touch screen and comprise internal components replicatingthose of a mobile telephone. Thus, the terminal can receive and senddata as a phone can, and the terminal can function is accordance withthe invention as described above in with reference to the target devicebeing a mobile phone.

Thus, the invention can be configured for use with a variety ofcomputing-related devices to equal effect.

In addition, the invention can be configured to include various featureswhich further enhance the security of the user's data.

Watermarking

For example, so-called ‘man in the middle attacks’ are a known problem.This can be addressed in the present invention using a ‘watermark’feature to demonstrate to the user (i.e. a retailer or possibly the endcustomer) that the input device is communicating with a legitimate party(e.g. the appropriate bank) and therefore that the scrambled keypadimage has been sent by that legitimate party and not an imposter.

Such a feature may be implemented in a variety of ways. For example,when a retailer registers to use the system they choose and store asecret indicator (word, phrase, number, name, image etc.) that only theyand the trusted party knows. Then, when a transaction is required thefollowing process is performed:

-   -   1. the consumer's card is read    -   2. The transaction amount is entered    -   3. the pin entry screen is displayed on the terminal

When the PIN entry screen is displayed the merchant must physicallycheck that the pre-selected secret word etc that they registered isdisplayed on the screen before handing the terminal to the customer fortheir PIN entry. This is essentially the same principle which isemployed in ssl technology wherein one looks for the small yellow lockicon as confirmation of the site's legitimacy.

By doing this, the responsibility is placed onto the merchant to ensurethat the device is talking securely to a legitimate party. If adifferent indicator (watermark) is displayed from that which themerchant expects, or no indicator is shown at all, it can be assumedthat the process has been compromised.

This watermark may stay on the screen for duration of the PIN entry bythe consumer.

However, it is preferable that it is only displayed for a short periodof time (e.g. the region of a few seconds) and then disappears before itmay be seen by any other person, such as the customer. If the watermarkis seen by another person, this could allow them to perform a man in themiddle attack. FIG. 15a shows a pre-generated pin pad picture that isblank. The system creates a new pin pad picture to include the user'ssecret word ‘jellybean’ which is then encrypted and sent to the device.This is shown in FIG. 15 b.

Upon registration the user may also choose where to have the watermarkdisplayed e.g. right, left, centre, top etc. A keypad image having thewatermark in the bottom left corner is shown in FIG. 15 c. Inalternative versions, a text colour or font style, or size may also bechosen.

Moreover, the watermark does not have to be in textual form. In someembodiments, the user may upload a photograph or other file (forexample, a family photo or a photo of the shop etc.) so that thispicture is displayed in the background. This is illustrated in FIG. 15d.

This watermarking feature is suitable for employment with allembodiments of the invention, irrespective of the context in which theinvention is used or the nature of the device used to display the keypad(e.g. online through a browser, via a terminal arranged for use with theinvention, or a mobile phone etc.)

Additional PinPad Encryption

In order to further enhance the security of the system, the inventionmay employ one or more techniques for making it more difficult for anunauthorised party to figure out, discern or calculate the mappingbetween the displayed keypad image (i.e. the one that the user uses toenter his PIN) and the underlying keypad.

For example, if the user has selected a PIN which contains the samedigit more than once (e.g. 1223) this may make it easier to compute thecorrelation between the input and the ‘underlying’ keypad.

One possible approach to overcoming this could be to create more thanone underlying keypad. For example, a virtual keypad could be generatedfor each key press. An example is given below.

FIG. 16a shows a scrambled keypad image, and FIG. 16b shows an‘underlying’ keypad. If the user's PIN is 1111 then the encoded PIN sentback to the server would be 9999. This provides a potential hacker witha starting point for an attempt at calculating or guessing the user'sPIN.

However, if 4 different ‘underlying’ keypads are used instead of one,this problem is overcome. Thus, a sequence of digits can be sent to thetarget device (e.g. terminal, phone, PC) and the sequence is used by thetarget device to form the keypad. For the keypad in FIG. 16 b, thesequence would be. 3156790482. Using this approach, it is possible togenerate a new keypad for each required key press.

Thus, the top pin pad as per FIG. 16a is sent to the target device as animage, in accordance with the description set out above. Then, 4 numericsequences are sent for the creation of the underlying keypad e.g.3156790482, 0746189352, 0347156289, 2581673904. This produces thekeypads shown in FIGS. 16b to 16 e.

Suppose now that the user's input is 1111. Instead of 9999 beingproduced, the code 9857 is produced and sent back to the server fordecryption. As the server ‘knows’ which scrambled keypad image was sent,and which sequences of digits, the resulting encoded PIN appears to bemuch more random and is therefore much harder to decipher by aninterceptor. The decryption process at the server end remains as set outabove.

Moreover, in order to enhance security further it is possible to usecombinations of other characters in the generation of the keypads, notjust characters. For example, the sequence Jg6KrBjoJ6 could be sent.This would generate the underlying keypad shown in FIG. 17.

In such an embodiment, the use of randomly generated strings ofcharacters in the bottom keypad reduces the need to ‘filter’ theunderlying keypads (as described above) to remove potentially unsuitablekeypads which might provide an attacker with a possible starting pointfor an attack.

However in a preferred embodiment only 1.6 m scrambled (‘top’) keypadimages are used rather than the possible 3.6 m and a check is stillperformed to ensure that no mapping is the same ie. 1=1 between thesuperimposed and the underlying keypads.

System Level Architecture

FIG. 19 illustrates one manner in which the invention may be implementedinto a transaction system.

FIG. 19 includes the following system components, or modules.

Device app: an app that runs on a terminal or mobile phone to manageuser interaction and technical process flow including initiating apayment transaction, interacting with card reader, requesting an oPinPad(i.e. scrambled keypad image), encrypting the entered oPin and sendingthe transaction online for authorization.

OPinPad Management Module: a stand-alone application module that runs ina central secure data center on a dedicated server. It holds a databaseof all oPinPad TIF images and manages distribution of the oPinPad TIFson demand.

Auth Client: a stand-alone application module that runs in a centralsecure data center, possibly on the same server as the oPinPadManagement Module (or, in some embodiments on its own dedicated server).It receives the message from the Device and prepares it to be sent tothe Payments Switch for Authorisation.

HPSAM Appliance: a stand-alone application module that runs in centralsecure data centre on a dedicated server. In some embodiments the servermay be security hardened.

In FIG. 19, the following terminology is used:

-   -   Device: Payment Terminal or Mobile Phone where payment        transaction is taking place    -   oPin: “Obfuscated PIN”—the encoded PIN which is generated by the        keys of the underlying Device keypad; this is not the actual        cardholder's PIN    -   Real Pin: The real PIN associated with the consumer's card that        would be ‘swapped’ for the oPin before being verified by the        card issuer    -   oPinPad: Obfuscated Pin Pad (i.e. the scrambled keypad        image)—the TIF image which is presented to the card holder to        enter their PIN and having ‘keys’ in scrambled positions        relative to the underlying Device keypad    -   oPinPad Array: Array to be used for mapping the oPin with the        Real Pin, as described above    -   HPSAM: Hosted Payment Security Access Module    -   HSM: Hardware Security Module    -   Card Reader: The terminal/mobile device which contains or is        connected to a Card Reader which retrieves payment card details        from the consumer    -   Tag: Unique identification number assigned to the oPinPad to        assist with later processing    -   ZMK: Zone Master Key.

Referring to the numeric references in FIG. 19, the process flow of theillustrative system is as follows:

0 The device initiates a payment transaction and captures the Amount(from the user interface) and Card Details (from the Card Reader).Sensitive data from the Card Reader is encrypted before getting to theApp. The App goes online and requests an oPinPad from the server. Ifpossible the oPinPad would be requested at the same time as the carddetails are retrieved from the Card Reader. 1 The oPinPad ManagementModule retrieves an oPinPad (i.e. scrambled keypad image) from adatabase and assigns it with a Tag. The oPinPad TIF and the Tag (uniqueid) are sent back to the device. 2 The oPinPad Array is sent to theHPSAM along with the Tag (unique id). All traces of the Tag/Arraycombination are deleted from the oPin Management Module (in particularfrom memory). 3 The Device App displays the oPinPad TIF (scrambledkeypad) image on the device and gathers the oPin as described above; theoPin is immediately encrypted using a field encryption method (such asDUKPT). The whole authorization message is then sent to the Auth Clientfor payments authorization (this message includes the Amount, theencrypted card details and the encrypted oPin). 4 The Auth Clientgathers the transaction details and passes it on to the Payments Switch.5 The Payments Switch intercepts the transaction during standard routingprocessing so that the oPin can be replaced with the Real Pin. This isdone by sending the oPin with the Tag to the HPSAM. 6 Using the Tag, theHPSAM retrieves the oPinPad Array and uses it to map the oPin to theReal Pin. The Real Pin is immediately encrypted using 3DES and a ZMKwhich is aligned with the Payments Switch. 7 The Real Pin is sent backto the Payments Switch as a PinBlock and is added to the transaction tomake an industry standard Online Pin payments authorization message(such as, for instance, an ATM message). 8 The Real Pin block istranslated using an industry standard HSM such that the encrypted Pincan be handled by the receiving institution (Acquirer, Processor,Issuer).

It should be noted that the above-mentioned embodiments illustraterather than limit the invention, and that those skilled in the art willbe capable of designing many alternative embodiments without departingfrom the scope of the invention as defined by the appended claims. Inthe claims, any reference signs placed in parentheses shall not beconstrued as limiting the claims. The word “comprising” and “comprises”,and the like, does not exclude the presence of elements or steps otherthan those listed in any claim or the specification as a whole. In thepresent specification, “comprises” means “includes or consists of” and“comprising” means “including or consisting of”. The singular referenceof an element does not exclude the plural reference of such elements andvice-versa. The mere fact that certain measures are recited in mutuallydifferent dependent claims does not indicate that a combination of thesemeasures cannot be used to advantage.

What is claimed:
 1. A computer-implemented verification methodcomprising: enabling a user to input an identifier into an electronicdevice having a screen and an operable, virtual keypad by operating atleast one key of the operable, virtual keypad via an image of at leastpart of a keypad which is displayed at least partially within a keypadzone of the screen; wherein the image represents or depicts a scrambledkeypad having at least one key which is positionally re-ordered orreconfigured relative to the layout of the keys in the operable, virtualkeypad; and wherein configuration or order of the keys in the operable,virtual keypad is altered after at least part of the identifier has beeninputted.
 2. A method according to claim 1, wherein: the image iselectronically formed.
 3. A method according to claim 1, wherein: theimage includes at least one of a graphical image, an optical image, avideo, or some other form of visual representation.
 4. A methodaccording to claim 1, wherein: the image is displayed within the keypadzone such that as the user touches, clicks on or otherwise identifies alocation within the image, a key of the operable, virtual keypad thatcorresponds to that location is activated to provide an encoded versionof the user's input.
 5. A method according to claim 1, wherein: theimage is displayed such that it appears to the user that the image is anoperable keypad with keys in a scrambled order or configuration withrespect to the keys of the operable, virtual keypad.
 6. A methodaccording to claim 1, wherein: the image functions as a mask or coversuperimposed over the operable, virtual keypad such that when the usertouches, clicks on or otherwise identifies a location within the keypadzone, it activates a key of the operable, virtual keypad thatcorresponds to that location within the keypad zone.
 7. A methodaccording to claim 1, wherein: at least one of the keypad zone and theimage remains in a fixed position on the screen during input of theuser's identifier.
 8. A method according to claim 1, wherein: theidentifier is a Personal Identification Code or Personal IdentificationNumber.
 9. A method according to claim 1, wherein: the keypad zonecomprises a plurality of sub-zones or “hot spots”, each sub-zonecorresponding to a key of the operable, virtual keypad; and the image ispresented to the user such that the position of at least one keydepicted in the image corresponds to the position of a sub-zone, thusproviding a mapping between the keys of the keypad depicted in the imageand the plurality of sub-zones.
 10. A method according to claim 1,wherein: an encoded version of the user's identifier is constructedwithin the electronic device from a plurality of keystrokes activated onthe operable, virtual keypad in response to a click, touch or otherindication made by the user with respect to the image.
 11. A methodaccording to claim 1, further comprising: sending the identifierinputted into the electronic device from the electronic device to aremote computer-based resource.
 12. A method according to claim 11,wherein: the remote computer-based resource receives the identifier andprocesses it, wherein the identifier is processed using a stored form orversion of the configuration of the keys depicted in the image.
 13. Amethod according to claim 1, wherein: the positions of all keys depictedin the image remain unchanged relative to one another during input ofthe user's identifier.
 14. A method according to claim 1, wherein: theimage is received by the electronic device from a computer-basedresource located remotely from the electronic device.
 15. A methodaccording to claim 1, further comprising: delivering an indicator to theuser to confirm that the image has been provided by a legitimate source.16. A method according to claim 15, wherein: the indicator is an audibleindication, a visual indication, a textual message, image, video, sound,watermark, vibration, or other tactile indication.
 17. A methodaccording to claim 1, wherein: the image is erased from the electronicdevice following the user's input, or following a specified period oftime.